As part of Cybersecurity Awareness Month, we heard from Bindu Sundaresan, Director, AT&T Cybersecurity, on the crucial shift towards a passwordless future. While strong passwords and multi-factor authentication have been key players in safeguarding digital assets, the next frontier demands a fusion of cutting-edge technologies.
“Cybersecurity Awareness Month recognizes the use of strong passwords while enabling multi-factor authentication, but organizations will need to adopt a combination of biometric authentication, hardware tokens, and one-time codes to move towards a passwordless future. This will minimize the impact that weak, reused, and stolen passwords may have on an organization’s security posture. More specifically, this combination of authentication methods employ advanced encryption techniques to ensure that only authorized users gain access to sensitive information.
For example, with modern phishing methods aimed to bypass MFA safeguards, multi-factor checks like fingerprint scanning can confirm possession of the user's private key in a way that's highly resistant to phishing without using passwords as security mechanisms. With that said, a top-of-the-line authentication provider can be tailored even further for the needs and user preferences of an organization by offering one time passwords (OTPs), PINs, Fast IDentity Online, and push notifications - which the use of could result in reduced cyber insurance premiums. A MFA solution must also allow for the configuration and fine-tuning of access control rules - for instance limiting the number of MFA attempts before being locked out.
Just as important, biometric authentication, hardware tokens, and one-time codes reduce the time spent on password resets and management, enhancing user experience and allowing employees to focus on more critical tasks. Quick and seamless access to applications and services not only boosts productivity, but improves collaboration across the organization while reducing the burden on IT help desks, minimizing password-related issues. With some employees needing rapid access to work accounts, balancing security with user convenience can be critical.”